You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
1. It's a demo project and it's not deployed in the wild/production.
2. Since it was just for demoing the capabilities we tried to keep the code
as short as possible.
Hi!
The supplied proxies:
don't filter the input. Therefore they can be used to request e.g. localhost (including other services running on the machine) or other unwanted targets. This is called SSRF: https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29/
I am aware that this project is a demo project, but if I got the README right, it seems like this is deployed in the wild as well?
Best
The text was updated successfully, but these errors were encountered: